This document describes the basic workflow to follow, after you've made a change to the Linux Kernel in the Chromium OS sources, to submit a your changes to the Chromium OS repository, and to submit your changes upstream to the official Linux Kernel repository.

What commit message should I use?

Code Changes

For changes which cannot be submitted upstream to the official Linux Kernel repository, the commit message is important. We use the following conventions:

Begin the commit message with CHROMIUM:

If it is architecture specific, add the architecture. The following are samples of supported architectures: ARM: or X86:

If it is machine specific, add machine-identifying information. For example, tegra2: or x86-mario:.

Follow the needed tags with the subject for the commit message.

Follow the subject line with the body of the commit message. The message should not only describe what, but also why, you have created the change. Please include information about the testing that you performed to ensure the code is valid.

Signed-off-by is required, and our gerrit server is a bit picky about the order. It appears to require this line immediately before the Change-Id line if present.

An example subject line is: CHROMIUM: ARM: tegra: Add initial support for aebl

Do not include configuration changes (i.e. changes to files within chromeos/config) with other code changes. See the next section for these.

Files may not be suitable for submission upstream because they have Chromium OS-specific information, or may be based on other changes which are local to the Chromium OS project. Such changes may not be upstreamed, but the Chromium OS project team will continue to maintain the changes.

Configuration Changes

When a commit involves configuration changes, make sure that any code changes are separated out into a different commit. The configuration commit should contain only changes to files within the chromeos/config directory tree.

The commit message should start with CHROMIUM: config:

An example message is: CHROMIUM: config: enable aebl config

How do I send a patch upstream?

Changes to parts of the kernel which are not purely Chrome OS- specific should be upstreamed where possible. This includes just about any part of the kernel: ARM- and x86-specific changes, driver patches and changes within the main kernel and mm source. You can start with a code review if you like. Take a look on the kernel mailing list to get a feel for how people submit and review patches.

Sending patches the easy way (patman)

Patman automates patch creation, checking, change list creation, cover letter, sending to the mailing list, etc. You can find patman in the U-Boot tree (src/third_party/u-boot/files/tools/patman). There is also a kernel patch set here with a newer version. Upstream U-Boot has it also.

Amend your top commit to have the line:

Series-to: LKML <linux-kernel@vger.kernel.org>

Series-cc: (anyone you want to Cc all patches in the series to)

Then type:

patman -n

to generate patches, check that they will go to the right place, and send them. Or:

patman

to generate patches and send them.

Various options are available. Particularly useful ones are:

-m - by default patman sends your patches to relevant maintainers. Use this option to turn that off

-t - ignore tags in the subject line which cannot be found

-n - do a dry run

Full documentation is available in the README (patman -h) or here. Take a look at the automated change list creation and the alias support also.

Sending patches manually

Like any kernel patch you should use checkpatch.pl to make sure it is clean (see below). Also see Documentation/SubmittingPatches in the kernel source tree for instructions. You can use 'git show HEAD' to see your patch.

To send upstream, you can create patch files with 'git format-patch', and then email then. This creates a set of patch files named '000n-<something>' where 'n' is incremented starting from 1, and "something" comes from the first line of each change description.

You can use get_maintainer.pl to figure out who to send it to.

# turn top commit into a patch
git format-patch HEAD~

# or perhaps you want to do the top 5 commits
git format-patch HEAD~5
# edit patches if you like

(Note:git send-email requires git-email to be installed on your host ('sudo apt-get install git-email'),
or you will get the message "git: 'send-email' is not a git command. See 'git --help'.".You also need to configure .gitconfig to use your SMTP server)

If you are sending a series of patches it is nice to include a cover letter. This turns up as patch zero in the series. Pass the --cover-letter flag to 'git format-patch' and it will create a 0000-subject file which you can edit to contain your cover letter. When you use 'git send-email' you can send files 000* to send the cover letter and all your patches as one email set.

Another flow that might work is to send email directly, without going through 'git format-patch'. For example you can email the top five commits to the mailing list with something like:

Check you have removed Change ID, TEST= and BUG= from the commit message

Which copyright header should I use?

When adding new files to the kernel, please add a regular Google copyright header to them. In particular this is true for any code that will eventually find its way upstream (which should include practically everything we do).

The main reason for this is that there's no concept of "The Chromium OS Authors" outside of our project, since it refers to the AUTHORS file that isn't bundled with the kernel.

/*

* Copyright (C) 2017 Google, Inc.

*

* This software is licensed under the terms of the GNU General Public

* License version 2, as published by the Free Software Foundation, and

* may be copied, distributed, and modified under those terms.

*

* This program is distributed in the hope that it will be useful,

* but WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

* GNU General Public License for more details.

*/

How do I check my patches are correct?

There are two aspects of having correct patches to send upstream: not having Chromium OS-specific details, and meeting all the Linux kernel requirements.

For the following sections, you will need to have created a patch file using git format-patch. Also note that you will have to recreate the patch file, and re-check your patch file each time you check in code to your source tree.

Remove Chromium OS-specific Details

Verifying these details is as simple as loading the patch file in your favorite editor. Edit the file manually to become compliant; this will, of course, have no affect on the source or commit message stored by git.

No CHROMIUM:in the subject line of the patch file.

No BUG= in the patch file.

No TEST= in the patch file.

No Change-Id: in the patch file.

Signed-off-by: is in the patch file.

Once all of the above is true, you can move on to checking for compliance with the Linux Kernel guidelines.

Check for Compliance with Linux Kernel Requirements

You should use this perl script to check that your patch conforms to the kernel coding standard. It is kept in the linux kernel tree.

How do I backport an upstream patch?

Let's suppose you've spotted a juicy new commit in Linus's upstream linux kernel tree that you just must have.
Instead of creating a new branch and manually applying the changes, use git cherry-pick to do it for you.
In addition, the repository maintainers appreciate it if the cherry-picked commit still contains the original author and git hash of the original upstream commit.
Use git cherry-pick -x to do this automatically:

NAME

git-cherry-pick - Apply the changes introduced by some existing commits

Given one or more existing commits, apply the change each one introduces, recording a new commit for each. This requires your working tree to be

clean (no modifications from the HEAD commit).

OPTIONS

...

-x

When recording the commit, append to the original commit message a note that indicates which commit this change was cherry-picked from. Append the note only for cherry picks without conflicts. Do not use this option if you are cherry-picking from your private branch because the information is useless to the recipient. If on the other hand you are cherry-picking between two publicly visible branches (e.g. backporting a fix to a maintenance branch for an older release from a development branch), adding this information can be useful.

First, add Linus's tree as a remote to the chromium-os kernel tree (assuming the chromium-os root is ~/chromiumos):

This will take a little while as git fetches all upstream commits. Luckily, git is smart and won't refetch commits already in the chromium-os tree.

Once the tree is updated, take a brief look at whats been happening upstream recently to a particular path (--oneline shows short-form upstream hashes and the brief commit message):

git log --oneline linus/master /path/of/interest

We can view that juicy commit using its upstream hash:

git show <upstream_commit_hash>

To backport the commit to the chromium-os tree, first start a new branch from the current Tip of Tree (ToT).
Then cherry-pick with -x to preserve the original author and hash, and -s to sign-off-by the commit:

repo sync .

repo start my_upstream_commit .

git cherry-pick -x -s <upstream_commit_hash>

Add TEST= and BUG= lines at the bottom of the patch description. Also, remember to keep the patch subject intact with only an addition of UPSTREAM: or BACKPORT: as a new prefix. Use UPSTREAM: if you are applying an upstream patch as-is, or BACKPORT: if you had to change the code to make it run with an older kernel version.

Now, the upstream commit is on its own branch, let's upload it to gerrit, like usual:

repo upload .

This will generate a gerrit change for review.

After review, submit the patch in gerrit like usual.

UPSTREAM, BACKPORT, FROMLIST, and you

When backporting patches from Linus's kernel tree, you should tag your patch with UPSTREAM (or BACKPORT, if modifications were needed). But what about patches that are "on their way" upstream, but haven't been merged for an official release yet?

FROMLIST: use this tag when a patch has been sent to a public mailing list for review, but hasn't yet been merged anywhere. Before submitting a patch like this, try to address any review comments made in the public forum. Please also include a link to the list the patch was obtained from. For example:

FROMLIST: bibble: a patch to fix everything

...

(am from https://patchwork.kernel.org/patch/0987654/)

UPSTREAM: this tag should be used exclusively for patches that have actually landed in Linus' tree, not for cherry-picks from maintainer trees.

BACKPORT: follow the same rules as UPSTREAM, except that if you have to make significant changes to the patch, you should label it with BACKPORT and document what you had to change.

FROMGIT: use this tag for cherry-picks of patches from maintainer trees, which have been applied in preparation for an upcoming release.

Although it is a good reference for "what's going into the next release" never backport a patch straight from linux-next. Always source either a maintainer tree or a mailing list post.

When including patches from maintainer trees, be specific about your source tree and branch. For example:

How to quickly test kernel modifications (the fastest way)

Please take a look at doc on network-based development. While setting up your environment might appear to be harder and more time consuming, in many cases it will allow to test kernel modifications much faster and easier than the ways described below.

Note that using cros_workon_make leaves build artifacts in your source directory under the "build" directory. When you do a regular emerge of the kernel (and are cros_work'ed on) this will slow things down because the entire source directory gets copied. So delete the "build" directory when you're done.

Note: Please ensure that verity is disabled on the target before running the update_kernel.sh script, otherwise the script won't be able to copy over kernel modules and the target will be rebooted with just the kernel image updated. Since the network drivers are built as modules, this leaves machine in a state where there is no way to connect to the network after the reboot. Verity can be disabled using the command "/usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification --partition <partition number>" on the target followed by a reboot.

Dealing with a bad kernel installation

One problem with this fast approach is that it requires an already installed and booted target system. If you update with a bad kernel so that it no longer boots, this approach is no longer available. The system is generally recoverable by booting physical media (USB stick or SD card) and copying its kernel blob over your kernel partition:

# Assuming you boot physical media as sdb, and your local disk is sda,

$ dd if=/dev/sdb2 of=/dev/sda2

Dealing with partition corruption due to bad kernel recovery

One time I really screwed up my system by recovering (after bad kernel installation) with 'dd if=/dev/sdb of=/dev/sda'. I forgot the '2' after each drive specification.
This overwrote my internal partition table with an exact copy of the USB stick's partition table, including the GUIDs.
When I subsequently tried to boot USB, the system always seemed to boot off the internal disk. 'rootdev -s' reported (internal partition) /dev/sda3.
After an hour or so, consultation with Bill showed that I really was booting the kernel from /dev/sda2, but the kernel found the matching GUID on sda before even looking at sdb.
This was recovered with:

$ a=$(uuidgen)

$ cgpt add -i 3 -u $a /dev/sda

which generates and installs a new GUID for sda3.

Dealing with issues - preparing the environment

Below are described some problems you might encounter. If instructions above work, you might skip them. We assume that you want to boot using the most recently built image.

Public key authorization

update_kernel.sh uses for authorization keys that, depending on your configuration, might not be present in your image. If that's the case, you will be prompted for password during script execution. To fix it, run the following commands in your image directory:

iptables configuration

Iptables - again, depending on your configuration - might be configured to refuse all the incoming connections, in which case update_kernel.sh will be unable to ssh to your target machine. If you encounter this problem, to fix it:

Again mount the root filesystem:

(chroot) $ sudo mount -o loop part_3 rootfs_dir/

Edit file rootfs_dir/etc/init/iptables.conf. Find the following line:

iptables -P INPUT DROP

Change it to:

iptables -P INPUT ACCEPT

Save and unmount the filesystem:

(chroot) $ sudo umount rootfs_dir/

Dealing with issues - cleaning up

To build new image after modifications to one or more of the partitions, simply run:

(chroot) $ ./pack_partitions.sh chromiumos_image.bin

How to test kernel modifications (the slow way)

Note: there is more information (possibly more useful too) in the disk format document, and more specifically here.

Check out the tree somewhere as usual, make the chroot, build packages, build image, blah blah blah. Create a bootable USB key from that image. We'll modify that key with our testing kernel.

At this point you need to cros_workon the kernel (and clone the kernel tree in case you used mini-layout). See the big picture and instructions in Chromium OS Developer Guide, but as a quick reference you are expected to run the following inside chroot:

<base_toolchain_name> is armv7a-cros-linux-gnueabi- or i686-pc-linux-gnu-, respectively,

<image_type> is bzImage for x86 or uImage for arm,

<num> should be set to an integer which is twice the number of cores on your development machine.

Renaming of the .git directory for the duration for the build is required to prevent mangling the module path by the kernel make. The

make will produce ${BUILD_DIR}/arch/<your_target_arch>/boot/{bzImage|uImage}, which is the kernel image you want to try. The next step varies depending on whether your hardware has an EFI BIOS, legacy BIOS or u-boot. You can ether copy the kernel to your USB stick and tell the bootloader to use your new kernel, possibly with extra debugging arguments, or use netboot/NFS for u-boot equipped targets (see network_based_development for details).

If you need your module to be present on the target, you can scp it from the build location to your target (provided your target is set for ssh access and allows chronos account login).

Testing with an EFI BIOS

Copy the new bzImage file into the /efi/boot/ directory on your USB key's partition 12. The /efi/boot/grub.cfg file will look for the kernel called vmlinuz, but you can edit that config file to add a line to look for your test kernel too. For example, here's my USB key's partition 12:

When the USB key boots, I'll see a menu that lets me select which boot path to use.

Testing with a legacy BIOS

Copy the new bzImage file into the /boot directory on your USB key's partition 3. The /boot/extlinux.conf file will look for the kernel called vmlinuz, but you can edit that config file to add a line to look for your test kernel too. For example, here's my USB key's partition 3:

When the USB key boots, I can hit TAB to see the list of boot choices, and can pick the one I want by entering the label.

Debugging messages

With either bootloader, you can debug early kernel failures by increasing the verbosity and location of kernel debug messages. You can modify the config files without rebuilding anything. The default boot args have this:

quiet console=tty2 loglevel=1

Using args like these instead may be helpful:

console=tty1 loglevel=7

Working on several kernel issues

git supports multiple branches coexisting in the same directory tree, and kernel make system supports placing the kernel build output in a separate directory (using the O=<path> make command line parameter).

To create separate builds get per kernel git branch, while in the cloned kernel source tree root create a build directory for your current branch, for instance:

mkdir ../build/<branch_name>

and then just add O=../../build/<branch_name> to make invocations described above. Or use the following bash script to take care of all make command line parameters other than make targets:

Modifying H2C Bios kernel command line

Place kernel blob into a file (<original_kernel>), either using dd on the target or by dismantling chromiumos_image.bin generated by build_image. Store the desired kernel command line in a file <new_cmd_line> and then use the following to change the kernel command line:

where <key> is kernel_data_key.vbprivk for the main kernel orrecovery_kernel_data_key.vbprivk for the flash drive based recovery kernel The keys can be found in the vboot_reference repository. Then dd the <modified_kernel> file back to where <original_kernel> came from.

The command line to boot a kernel with verified rootfs disabled can be obtain by editing the regular command line as follows:

Installing onto SSD

Instead of booting the kernel from USB as described above, it can be installed directly on the SSD of the target device. With modern H2C Bios, this requires signing the blob with the development key and booting with the target machine's development mode switch set appropriately. Also, since there are two kernel/root partition pairs in our partition scheme, we need to select which one we want to use. Usually we stay with the current pair.

Debugging kernel crashes

TODO: This is anecdotal, and may not be an optimal or fully correct solution. Please verify and remove the TODO.

You have a few options:

1. Googler-only: Check out go/xstability. Clicking on sample crashes here go/crash with the filter set for that particular crash. Click on a sample report. Below the "Report Time" and "Client ID" you should "Files" with a link to "upload_file_kcrash". This has the stack trace towards the end.

TODO: Add more details on this

2. If you are debugging a local crash on your device, look for the crash in /var/log/messages (unlikely that it would be saved there) or /dev/pstore/console-ramoops. You may see some symbols preceded by question marks in the stack trace, something like the below.

There are a few ways you can resolve the "? some_symbol + 0xoffset" format into a line of source code. For example, if you want to find what line of source code the "? iwl_mvm_send_lq_cmd+0x8e/0x9c" corresponds to, first use cscope or something to know that this is defined in drivers/net/wireless-3.8/iwl7000/iwlwifi/mvm/utils.c. Next, enter the cros_sdk chroot and load up the corresponding object file in gdb

Debugging with KGDB/KDB

KGDB is an in-kernel debugger implementation, which allows developers to attach a local GDB instance on their development machine to debug the kernel on a remote test machine, using a serial connection. You can find some information here: